<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Security-Policy" content="script-src 'sha256-hW5xR0AXJuB1wVNtq47Nluq/EXiQSC6QluHBVF3emOM=' 'sha256-n8xN1Y8E6rPXuE8Iv++3Y3Smm6W4OGH6gqfZV7H8F1E=' 'nonce-nonceynonce'">
        <script nonce="nonceynonce">
            if (window.testRunner)
                testRunner.dumpAsText();
            alert('PASS (1/3)');
        </script>
        <script>
            alert('PASS (2/3)');
        </script>
        <script nonce="nonceynonce">
            alert('PASS (3/3)');
        </script>
        <script>
            alert('FAIL (1/2)');
        </script>
        <script nonce="notanonce">
            alert('FAIL (2/2)');
        </script>
    </head>
    <body>
        <p>
            This tests the combined use of script hash and script nonce. It
            passes if two console warnings are visible and the three alerts show
            PASS.
        </p>
    </body>
</html>
